Michael McNamara
https://blog.michaelfmcnamara.com
technology, networking, virtualization and IP telephony

Avaya Wireless IP Handsets – 5Ghz Spectrum
https://blog.michaelfmcnamara.com/2013/11/avaya-wireless-ip-handsets-5ghz-spectrum/
Tue, 19 Nov 2013 15:52:31 +0000

I’ve been deploying and maintaining wireless IP handsets since the original Symbol Netvision handsets back in 2004 with the original Nortel Internet Telephony Gateway (ITG) card in the Nortel Meridian-1 PBX. While technology has come a long way in that time, both from an IP telephony and wireless perspective, there are still a large number of pitfalls to implementing a voice quality wireless network.

As a standard I try to design data grade networks for -70dB of coverage while I try to design voice networks for -60dB of coverage. This can be a challenge with both 802.11b/g and 802.11a networks. With 802.11b/g you only have 3 separate channels (United States) to work with which can lead to signal interference from adjoining APs. While you have more channels with 802.11a you end up with some channels maxing out at 50mW while other channels max out at 100mW and you can even end up with channels that are not utilized by the wireless handsets.

Lately I’ve been supporting the Avaya (formerly Nortel; Avaya Blue) 6100 series wireless handsets with the Avaya 2245 Wireless Gateway which provides the QoS utilizing the Spectralink Voice Priority (SVP) protocol. I have four large facilities with approximately 200+ wireless IP handsets at each facility. We have multiple Avaya 2245 Wireless Gateways at each facility for redundancy and each 2245 can handle 80 concurrent calls.

It’s well documented that the 5Ghz spectrum provides a smaller coverage area than the 2.4Ghz spectrum. A 5Ghz signal will not pass as easily or as far as a 2.4Ghz signal. It’s also well known that the 2.4Ghz spectrum is becoming increasingly crowded with all sorts of devices and solutions.

We recently tried moving a large Avaya 6140 wireless handset implementation from the 802.11b/g radio (2.4Ghz band) to the 802.11a radio (5Ghz band) and we learned a great deal. Why did we try the move? Our public/guest wireless runs on the same 2.4Ghz band and was starting to compete heavily for both RF time and bandwidth against our voice traffic. We were hoping to alleviate some of the issues by moving our voice traffic to the 5Ghz band on the 802.11a radio. Prior to any of these changes the voice wireless solution was highly regarded by our staff. While there were coverage issues in some very small areas, the clinical areas of our hospitals had -60dB of coverage and the voice quality was excellent.

In 2008 I wrote about, “What does watchdog timeout mean on a Nortel wireless phones?“, where I describe some of the challenges at that time.

Jump forward almost 5 years and the same challenges still remain, however, some of them will depend on the radio you are trying to deploy voice on. About 12 months ago I heard a wireless vendor say they wouldn’t support a voice wireless network unless it was deployed on the 802.11a (5Ghz) radio. When I inquired why I was told because it has more bandwidth and channels. I was only consulting on the project so I didn’t challenge the vendor in front of the client, but in retrospect I should have called bullsh*t. In reality the wireless vendors want customers to use the 5Ghz network because they know they’ll need to purchase more APs, it’s that simple. In legacy construction, aging 100+ year old hospitals, I find that the 2.4Ghz coverage is easily 50% larger than that of the 5Ghz band. In more modern construction I generally find that the coverage of the 2.4Ghz band is about 33% bigger than the 5Ghz band. For example, if I perform a site survey I might get a -60dB signal from the 2.4Ghz radio, from that exact same position I might only get -70dB from the same AP (has multiple radios). In some of the sites I support you might get -70dB outside a room but if you walk all the way into a room and close the door you’ll see your signal drop all the way to -80dB (which is useless for IP telephony and just about everything else).

Lessons Learned

The Avaya 6100 (formerly Nortel) or Avaya 3200 Series Wireless IP phones will not utilize 802.11a channel 165. You need to make sure that you are not using channel 165 on any of your access points/ports or the wireless IP phones will be blind to the network at that specific AP location, leading to a potential lack of coverage in that area depending on your AP density. This also holds true for Cisco and Spectralink wireless handsets.

We previously knew that the 5Ghz 802.11a band didn’t provide the same area of coverage as the 2.4Ghz 802.11b/g band but we were completely caught off guard by how varied the difference was depending on the physical building itself (12 inch concrete block walls, plaster wall with wire mesh, etc). In some legacy hospitals you could stand under an AP and get -45dB, go literally 5 feet around a corner and watch the signal go to -81dB. You could get -60dB of coverage from the 802.11b/g radio of an AP and at the same physical location you would only get -75dB of coverage from the 802.11a radio.

The signal from our 802.11a radios in the 5Ghz band was unable to provide the -60dB that our design called for. In many areas it was unable to even provide a -70dB signal and as a result we experienced significant voice quality issues. With the degraded RF signal we also started observing roaming issues with handsets bouncing back and forth between APs which were at the fringe of the coverage area.

Recommendations

It’s always important to fact check any vendor, this is especially true in Technology where vendors have a tendency to bullsh*t themselves through a question or problem (flux capacitor). With a G.711 codec you only need 64Kbps (really 87.2Kbps) of bandwidth and a single 802.11b/g AP can easily handle upwards of 10 concurrent calls.

If you are concerned about RF coverage then the 2.4Ghz band is going to be a better solution than the 5Ghz band.

It’s super important to test, test and test again. This way you’ll know before your users (and boss) if there’s going to be a problem.

Cheers!

Motorola Access Point DHCP Vendor Class IDs
https://blog.michaelfmcnamara.com/2013/09/motorola-access-point-dhcp-vendor-class-ids/
Sun, 08 Sep 2013 15:57:58 +0000

Here are the DHCP vendor class IDs for the Motorola Wireless LAN Switches, Access Ports and Access Points;

  • MotorolaRFS.RFS7000 (RFS7000)
  • MotorolaRFS.RFS6000 (RFS6000)
  • MotorolaRFS.RFS4000 (RFS4000)
  • MotorolaAP.AP7131 (AP7161)
  • MotorolaAP.AP7131 (AP7131)
  • MotorolaAP.AP650 (AP650)
  • MotorolaAP.AP621 (AP621)
  • MotorolaAP.AP6521 (AP6521)
  • MotorolaAP.AP6532 (AP6532)
  • MotorolaAP.AP6511 (AP6511)

The APs will try to associate with a controller via a Layer 2 broadcast; if they fail to adopt via Layer 2 they will issue a DHCP request with the vendor class IDs listed above.

This is really helpful in your IPAM or DHCP server, you can define specific pools based on the vendor class to return very specific DHCP options. In this case you would probably want to return DHCP option 189 (string) with the IP address of the wireless LAN switch. You can include multiple IPs separated by commas.

Cheers!

Nortel 6100 Series WLAN Handset I2C Battery Issue
https://blog.michaelfmcnamara.com/2009/09/nortel-6100-series-wlan-handset-i2c-battery-issue/
Fri, 04 Sep 2009 01:00:40 +0000

Nortel has released a technical bulletin notifying customers of an issue with the Nortel 6100 Series Wireless LAN handsets running software release 2.x (build 115.019 or earlier) when the phones are paired with battery packs that are manufactured around or after January 2009.

The phone will hang up displaying an I2C error when it first boots up. You can read all the details in the Nortel technical bulletin;
Nortel WLAN Handset 6100 Series Battery Error: “I2C” Battery Issue (Software Rls 2.x Fix – Build 115.021)

While I’m at it I should probably mention that Nortel has released software 115_021 and 115_022 for the Nortel 6100 series WLAN handsets. I personally had an issue with 115_021 after I upgraded a 6140 handset. The ear speaker wouldn’t work at all, not after resetting it, not after switching batteries, not after praying over it. I could place and receive calls and the speaker phone worked fine but I couldn’t even get dial tone out of the ear speaker in the handset. After upgrading to software release 115_022 the problem has not re-occurred.

In addition Nortel has also released v2.4 of the Handset Administration Tool (HAT). This tool allows you to configure the 6100 series phones through the cradle from a USB port. This tool is a godsend for those of us that remember configuring every phone by hand through the dial pad (you try entering a 128bit WEP/WPA key through a dial pad and not get it wrong).

You can download the new software and the new version of HAT from Nortel;
http://support.nortel.com/go/main.jsp?cscat=SOFTWARE&poid=18281

Cheers!

Update: September 4, 2009
I went back and tested 115_021 software with another 6140 handset and had no problems. I also went back and downgraded the original 6140 handset I tested with from 115_022 to 115_021 and had no problems. I’m guessing it was a fluke of some kind.

References;

P-2007-0150-Global_WLAN_Handset_6100_May_2008.pdf

Motorola WS5100 and RFS7000 Software Update
https://blog.michaelfmcnamara.com/2009/02/motorola-ws5100-and-rfs7000-software-update/
Sat, 21 Feb 2009 14:00:27 +0000

Motorola has released software v3.3.1 for the WS5100 and v1.3.1 for the RFS7000 Wireless LAN Switches. You can find the release notes for the 3.3.1 (WS5100) software release here. And you can find the release notes for the 1.3.1 (RFS7000) software release here. We’ve been running v1.3 on the RFS7000 for the past few months now with only a few small problems. We hope to start testing the Smart RF feature set that was released in the 1.3 Wi-NG software base very soon. We’re also eager to start testing the AP7131 802.11n Access Port in a few specific locations.

Here’s a quick excerpt from Motorola on v1.3.1 for the RFS7000;

RFS7000 v1.3.1 has the following feature focus: Voice, Security and Resiliency

Voice: Enhancements provide comprehensive WMM Admission control, enabling not only superior voice quality but also optimizations with respect to network usage for voice.

Security: Enhances the built-in IDS capabilities for Ad-Hoc Network Detection and .11n Rogue detection. Provides built-in IPS capabilities via Rogue AP containment for the wireless network.

Resiliency: SMART RF Management that enables the WLAN to automatically and intelligently adapt to changes in the RF environment to eliminate unforeseen gaps in coverage. This technology provides dynamic network optimization to ensure user quality of experience at all times by automatic adjustments to channel and power (on detection of RF interference or loss of RF coverage/neighbor recovery).

All the above enable the wireless enterprise by making it easy to deploy, securely and with built-in resiliency and support for voice.
For the Adaptive AP:
• Adaptive AP7131 802.11 a/b/g/n Support ( v3.1.1 )
• Rogue AP detection
• Mesh statistics
• WLAN statistics
• Configurable IPS Sensor on the AP5131( D SKU) in Adaptive mode(ADP-5131 v2.2.1 image)
With the AP300:
• Dynamic Load balancing of AP300s after a primary reverts in a cluster
• Email Notification for critical alarms
• LDAP enhancements
• Cluster GUI for WLANS and APs visualization
• Securing Layer 3 AP and Wireless Switch protocol – Secure WiSPe
• MU Naming
System Enhancements:
• IP v6 Client Support

Cheers!

Factory Reset Motorola AP-5131
https://blog.michaelfmcnamara.com/2008/05/factory-reset-motorola-ap-5131/
Wed, 21 May 2008 02:00:00 +0000

The Motorola AP-5131 is a fully featured 802.11a/b/g wireless network access point that supports MESH networking.

I recently needed to reset one of these access points and thought it would be useful for anyone else looking for information on the subject.

Step 1. Serial up to the AP5131 with 19200-8-N-1

Step 2. Power cycle the AP5131

Step 3. Press the “Escape” key when the AP5131 states “Press escape key to run boot firmware”.

Step 4. From the “boot>” prompt enter “passwd default”.

Step 5. Reset the system by entering “reset system”.

The AP5131 should perform a full reset and end up at the login prompt after it has booted. The default administrator password is “symbol” (case sensitive).

Note: starting with firmware release 1.1.2.0-005R the AP51x1 password was changed to “motorola”.

Upon logging in for the first time the administrator should be prompted to change the password. The default administrator username is “admin”.

Note: the default IP address of the AP5131 is 192.168.0.1 and the DHCP server is enabled in the factory configuration so you should be able to connect your PC to the LAN port and then open a web browser to access the Admin GUI.

Cheers!

Nortel WLAN 221x Handset Configuration
https://blog.michaelfmcnamara.com/2008/05/nortel-wlan-221x-handset-configuration/
Fri, 02 May 2008 01:00:00 +0000

The purpose of this post is to outline how to properly configure a Nortel WLAN 2210/2211 Wireless Handset to connect over a wireless LAN to a Nortel Succession Call Server.

There is a cradle and software available to ease/speed the configuration but for this post we’ll assume that we only have the phone itself and not the configuration cradle or additional software.

Note: If you are going to be supporting and/or installing dozens of these phones I would strongly suggest that you purchase the configuration cradle (you can download the software from Nortel’s site).

In this example the Nortel 2211 WLAN phone will be configured to connect to a TN on a Nortel Succession 1000 v4.5 Call Server over a Motorola 5100 Wireless LAN Switch using WEP encryption. A Nortel 2245 Wireless Gateway is needed in order to connect to a Succession Call Server. Within the DHCP server a scope has been setup with the vendor class of “Nortel-221x-A” which will return the vendor specific DHCP options required by the Nortel WLAN phones.

With the wireless handset powered OFF, simultaneously press and hold the Power On / Start Call and Power Off / End Call keys. Release the Power On / Start Call key, then release the Power Off / End Call key. The first option on the Admin Menu displays.

Press the Up, Down, and Select side buttons, and the softkeys on the wireless handset to scroll through the menu options.

An asterisk (*) next to an option indicates that it is selected.

— Press the Up/Down buttons to display the previous/next menu items.
— Press the Select button to select the menu option or item.
Alternatively, press the OK softkey to select the menu option or item.
— Press the Save softkey to save the entry.
— Press the Bksp key to backspace when editing the entry.
— Press the Up softkey to return to the previous menu level.
— Press Cncl to cancel the entry and return to the previous menu level.
— Press the Exit softkey to exit the menus.

The Admin menu should open with the following options below:

I.P. Addresses
0=Edit, FCN=Up

Scroll down the menu to the ESS ID option:

ESS ID
0=Edit, FCN=Up

Select “0” from this option to configure the ESSID value.

Current ESS ID:
Not learned yet

Scroll down this menu until the select displays “Static Entry” and select “0” to enter a value.

Enter the proper ESSID value of the WLAN you’ll be trying to connect to. When finished, select the Power Off/End Call button to SAVE.

Select the “FCN” button to move back up a menu level.

Scroll down to the “License Mgmt” option

License Mgmt
0=Edit, FCN=Up

Select “0” to edit the license mgmt option and scroll through the option until you reach “010”.

Set Current [010]
0=Select, FCN=Up

Select the “FCN” button to move back up a menu level.

Scroll down the menu to the “Security” options:

Security
0=Select, FCN=Up

Select “0” to enter the Security options and then scroll down until the following option appears;

WEP
0=Select, FCN=Up

Select WEP by entering “0” into the phone;

Authentication
0=Edit, FCN=Up

Select Authentication by entering “0” into the phone;

Open System
0=Select, FCN=Up

Scroll down until you reach the “Open System” option and select it by entering “0” into the phone. Proceed back up the menu by hitting the “FCN” button then scroll down the menu until you reach the “WEP On/Off” option, select “0”;

WEP On/Off
0=Select, FCN=Up

Scroll down the menu until the “WEP On” option appears as below and enter “0” to select this option;

WEP On
0=Select, FCN=UP

Key Information
0=Edit, FCN=Up

Default Key     1
Current Key:

Key Length
0=Edit, FCN=Up

128 bit
0=Select, FCN=Up

Key #1
Key #2
Key #3
Key #4

Enter the Default Key number and actual WEP key for the ESSID you’re trying to connect to. After this initial configuration the phone should connect to the WLAN and pull additional DHCP configuration options and should perform any firmware uploads if any are required.

***DO NOT POWER OFF THE PHONE WHILE THE FIRMWARE IS BEING UPDATED ***

Once the phone completes the upgrade it will reboot and should present a display similar to below;

Connect Svc
Node: _ _ _ _
TN: _ _ _ . _ _ . _ _ . _ _

OK  BKSp  Cler  Cncl

From here you’ll need to configure the node and TN information for this specific phone.

Cheers!

Wireless LAN Vendors
https://blog.michaelfmcnamara.com/2008/04/wireless-lan-vendors/
Sat, 12 Apr 2008 03:00:00 +0000

Thanks to everyone that participated in the poll, “What vendor are you using for your wireless LAN?”. It’s only to be expected that more folks responded with Motorola since I have a few articles dedicated to the Motorola Wireless LAN Switches posted on this blog.

Wireless networking has definitely brought its own set of distinct challenges. Channel and power management are among the two big problems with wireless networking. And let’s not forget the whole security issue with WEP, WPA and WPA2. Interoperability issues can also create a lot of headaches. And the never ending discussions over which band is better, the 2.4Ghz (802.11b/g) or 5Ghz bands (802.11a).

What vendor are you using for your wireless LAN?

Aruba: 4 (9%)
Cisco: 6 (14%)
Extreme: 0 (0%)
Motorola: 15 (36%)
Meru: 3 (7%)
Trapeze: 6 (14%)
3Com: 0 (0%)
Other: 8 (19%)

Thanks for the feedback!

Cheers!

Nortel 6100 Series Wireless LAN Handset
https://blog.michaelfmcnamara.com/2008/04/nortel-6100-series-wireless-lan-handset/
Wed, 09 Apr 2008 01:00:00 +0000

I recently received a Nortel 6140 WLAN handset to test within our network as a possible replacement for the Nortel 2211 handset.

The Nortel 6140 supports IEEE 802.11 a/b/g wireless LANs. It features Push-To-Talk (PTT) and speaker phone capabilities.

The first question I had was “how do I get to the configuration?”

In order to enter the Admin menu you need to perform the following:

• with handset powered off
• press and hold Green Key
• then press and release Orange Key
• then release Green Key when “Admin Menu” is displayed
• enter password (default 123456)
• use the navigation keys to scroll through the options and select menus

I’ve been really impressed with the call quality on the Nortel 2210 and 2211 so I’m sure I won’t be disappointed with the Nortel 6140. Just as a side note Nortel is OEMing the phones from Polycom (formerly Spectralink), and those folks know how to make some really good phones.

Cheers

Update: April 10, 2008

Out of the box the phone will boot up and display “No Reg Domain Set”. This pertains to which country the device is being operated in so that it can conform to the rules and regulations set forth in that country that govern 802.11 wireless frequencies.

Reg. (Regulatory) Domain
The Regulatory Domain defaults to None on the wireless handset display.
FCC requirements dictate that the menu for changing the domain be available by password, which in this case is the LINE button. To change the domain, press LINE and then enter the digits that represent the domain for the site. You must enter both digits.
The following are domain digits:
• 01—North America
• 02—Europe (except Spain and France) and Japan
• 04—Spain
• 05—France
• 06—Korea
As of this writing, Spain and France are adopting the general European Regulatory rules. Check with the wireless LAN administrator or supplier for the correct domain to enter in these countries.

Once you’ve set the regulatory domain you’ll be prompted for which radio you’d like to use; 802.11a, 802.11b/g, 802.11g only.

Cheers!

Wireless Packet Traces (AirPcap)
https://blog.michaelfmcnamara.com/2008/04/wireless-packet-traces-airpcap/
Fri, 04 Apr 2008 02:00:00 +0000

I thought I would take some time to shamelessly plug a product that I recently purchased for my organization.

We are currently working through an issue that is affecting our Nortel 2211 Wireless telephones on our Motorola RFS7000 Wireless LAN Switch. In short it appears that the phone is resetting itself for unknown reasons. The problem is very intermittent and sporadic, hence it’s very difficult to recreate. The vendors involved in the problem, Motorola, Nortel and Polycom (Spectralink) are all asking for wireless traces of the problem. In order to capture the problem we need four laptops; three laptops tracing on each of the wireless channels in the 802.11b 2.4Ghz spectrum and one laptop tracing on the LAN side of the RFS7000. Needless to say that is a lot of hardware to setup. And the wireless laptops really need to physically move with the wireless telephone as it moves through the building (wireless network).

Then I heard that CACE Technologies had a hardware solution that worked with WireShark and allowed for simultaneous packet capture on all three 802.11b channels. Using three AirPcapEx USB adapters I could use a single laptop to capture all three 802.11b channels saving me a lot of hardware and a lot of time trying to assemble/merge the different packet traces.

I’ve been using the solution for the past week and it seems to work well. It was perfect timing because WireShark v1.0 was released earlier this week. Even though it’s a single laptop it can still be a bit of a logistical pain with the three USB adapters and the three antennas. I got some really interesting stares walking around the building with this octopus looking thing on top of the laptop keyboard.

Cheers!

How to find a wireless device ?
https://blog.michaelfmcnamara.com/2008/03/how-to-find-a-wireless-device/
Sun, 09 Mar 2008 00:00:00 +0000

In this post I’ll review how you can find a specific wireless device on your Motorola WS5100 Wireless LAN Switch. We’re going to use the poor man’s “locationing” as opposed to the features and integration that Motorola is currently building into the WS5100 and RFS7000 switches to support products such as AeroScout.

We want to locate the following device wireless-laptop.acme.org so we need to start by identifying the IP address of the device. Thanks to Dynamic DNS we can be assured that our DNS servers will have that information.

C:\> nslookup wireless-laptop.acme.org.
Server:         10.1.1.1
Address:        10.1.1.1#53

Name:   wireless-laptop.acme.org
Address: 10.1.195.55

In most circumstances we’d now need to identify the MAC address of the wireless device. We can skip that step since the WS5100 will have the IP address of the client for us to search against.

WS5100# show wireless mobile-unit
Number of mobile-units associated: 23
index   MAC-address       radio type wlan vlan/tunnel  ready  IP-address    last active
  1     00-1B-77-30-DF-80  30    11a  1      vlan 18   Y     10.1.195.57   1 Sec
  2     00-20-E0-1A-0F-E5  58    11a  1      vlan 18   Y     10.1.195.48   20 Sec
  3     00-13-E8-86-DF-F3  30    11a  1      vlan 18   Y     10.1.195.96   0 Sec
  4     00-15-00-32-8C-EC  19    11a  1      vlan 18   Y     10.1.195.31   31 Sec
  5     00-15-00-32-D6-46  29    11a  1      vlan 18   Y     10.1.195.50   16 Sec
  6     00-15-00-32-D3-67  1     11g  2      vlan 17   Y     10.1.194.54   4 Sec
  7     00-A0-F8-D4-46-9C  2     11b  4      vlan 22   Y     10.1.206.53   223 Sec
  8     00-A0-F8-D4-48-FD  1     11b  4      vlan 22   Y     10.1.206.207  215 Sec
  9     00-1B-77-2A-99-05  30    11a  1      vlan 18   Y     10.1.195.55   7 Sec
  10    00-18-DE-7A-76-D0  30    11a  1      vlan 18   Y     10.1.195.67   16 Sec
  11    00-16-6F-1D-F1-B9  1     11g  2      vlan 17   Y     10.1.194.44   6 Sec
  12    00-1B-77-31-11-77  30    11a  1      vlan 18   Y     10.1.195.68   4 Sec
  13    00-90-7A-04-16-5F  1     11b  3      vlan 21   Y     10.1.198.52   11 Sec
  14    00-A0-F8-D6-3C-2A  1     11b  4      vlan 22   Y     10.1.206.70   652 Sec
  15    00-A0-F8-D4-45-A5  2     11b  4      vlan 22   Y     10.1.206.252  170 Sec
  16    00-13-E8-5B-ED-73  30    11a  1      vlan 18   Y     10.1.195.106  4 Sec
  17    00-13-E8-5B-EE-39  30    11a  1      vlan 18   Y     10.1.195.111  23 Sec
  18    00-18-DE-7A-9E-3A  30    11a  1      vlan 18   Y     10.1.195.77   20 Sec
  20    00-90-7A-03-5E-C7  1     11b  3      vlan 21   Y     10.1.198.50   23 Sec
  21    00-13-E8-86-C8-55  30    11a  1      vlan 18   Y     10.1.195.107  5 Sec
  22    00-A0-F8-D4-48-5F  1     11b  4      vlan 22   Y     10.1.206.145  124 Sec
  24    00-13-E8-86-C7-E7  30    11a  1      vlan 18   Y     10.1.195.110  10 Sec
  26    00-1B-77-2A-5C-6C  30    11a  1      vlan 18   Y     10.1.195.81   37 Sec

Note: if you have a lot of mobile units you can use grep;

WS5100# show wireless mobile-unit | grep "10.1.195.55"
   9     00-1B-77-2A-99-05  30    11a  1      vlan 18   Y     10.1.195.55   7 Sec

Now that we have the MU (Mobile Unit) index (the first number on the line) we can get the full details;

WS5100# show wireless mobile-unit 9

MAC: 00-1B-77-2A-99-05, IP Address: 10.1.195.55, Type: 11a, State: data-ready
Radio Config Index: 30, Bssid: 00-15-70-12-1D-78
Wlan: 1, Vlan: vlan 18, Voice: N, Powersave: N, Classification: normal
Encryption Type: tkip (key index: 1) Authentication Type: eap
Last Assoc: 7990 seconds ago, Last Activity: 23 seconds ago, Roam-Count: 18
DHCP state : DHCPNONE AP Scan Support: N
Session Timeout: 100 days 00:00:00  Idle Timeout: 0 days 00:30:00

In the information above we can see that the MU is associated to radio 30, so let’s look at radio 30;

WS5100# show wireless radio 30

Radio: 30, Mac: <00-15-70-11-34-32>, Type: 11a, ap Index: 7, vlan 198
Current Channel: 36 [5180 MHz], Configured Channel: acs
Current Power: 17 dBm, Max ESS: 16, Max BSS: 4, Num Mu: 11
BSS: 00-15-70-12-1D-78, State: normal
Current Data-Rates/Speed:  basic6 9 basic12 18 basic24 36 48 54
Last Adoption: 0 days 20:55:16 ago

Configuration:
Adoption-pref-id: 0
Max-mobile-unit: 256, Detector: N, On-channel-scan: N
WLAN-BSS mapping: [BSS 1]: 1
RTS-thres: 2346 bytes, Beacon-intvl: 100 K-uSec
Dtim-count: [BSS 1]: 10 beacons
Dtim-count: [BSS 2]: 10 beacons
Dtim-count: [BSS 3]: 10 beacons
Dtim-count: [BSS 4]: 10 beacons
CCA level: 1, CCA Mode: 1, mobile-unit power: 0 dBm
Short-Preamble: disabled, Antenna-Mode: diversity (both antennas)
Placement: indoor, Channel-Mode: acs, Power: 20 dBm
Data-Rates/Speed:  basic6 9 basic12 18 basic24 36 48 54
WMM [best-effort]: aifsn: 3 txop-limit: 0 cwmin: 4 cwmax: 6
admission-control: disabled, max-mobile-unit: 32
WMM [background]: aifsn: 7 txop-limit: 0 cwmin: 4 cwmax: 10
admission-control: disabled, max-mobile-unit: 32
WMM [video]: aifsn: 1 txop-limit: 94 cwmin: 3 cwmax: 4
admission-control: disabled, max-mobile-unit: 32
WMM [voice]: aifsn: 1 txop-limit: 47 cwmin: 2 cwmax: 3
admission-control: disabled, max-mobile-unit: 32

It doesn’t look like the Motorola switch shows us the radio description above so we’ll need to use another command to get the description;

WS5100# show wireless radio config 30

Radio: 30, Description: Main Building Lobby, MAC: 00-15-70-11-34-32
Radio Type: 11a, AP Type: ap300
Adoption-pref-id: 0
Max-mobile-unit: 256, Detector: N, On-channel-scan: N
WLAN-BSS mapping: [BSS 1]: 1
RTS-thres: 2346 bytes, Beacon-intvl: 100 K-uSec
Dtim-count: [BSS 1]: 10 beacons
Dtim-count: [BSS 2]: 10 beacons
Dtim-count: [BSS 3]: 10 beacons
Dtim-count: [BSS 4]: 10 beacons
CCA level: 1, CCA Mode: 1, mobile-unit power: 0 dBm
Short-Preamble: disabled, Antenna-Mode: diversity (both antennas)
Placement: indoor, Channel-Mode: acs, Power: 20 dBm
Data-Rates/Speed:  basic6 9 basic12 18 basic24 36 48 54
WMM [best-effort]: aifsn: 3 txop-limit: 0 cwmin: 4 cwmax: 6
admission-control: disabled, max-mobile-unit: 32
WMM [background]: aifsn: 7 txop-limit: 0 cwmin: 4 cwmax: 10
admission-control: disabled, max-mobile-unit: 32
WMM [video]: aifsn: 1 txop-limit: 94 cwmin: 3 cwmax: 4
admission-control: disabled, max-mobile-unit: 32
WMM [voice]: aifsn: 1 txop-limit: 47 cwmin: 2 cwmax: 3
admission-control: disabled, max-mobile-unit: 32

So it looks like the device we’re looking for, wireless-laptop.acme.org (10.1.195.55), is connected to radio 30 (802.11a) which has a description of “Main Building Lobby”. While this will give you an idea of the basic location it doesn’t provide you a specific location. While there are new APIs in the WS5100 and RFS7000 that can provide locationing by means of triangulation between multiple Access Ports, they require external applications and management software.

Obviously you’ll need to make sure that you’ve put descriptive locations on each radio (AP300) through the Motorola console when configuring/installing the APs.
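
The lookup walked through above can be scripted when you have to trace an address from a DHCP log or an alert back to a radio. This is an added example, not code from the original post or from Motorola: it parses saved CLI output in the layout shown above, and the function names are this example's own. It matches the IP or MAC exactly, which avoids the partial matches a bare grep on an address fragment can return.

```python
import ipaddress
import re

# Sample CLI output, trimmed from the listings earlier in this post.
MU_TABLE = """\
Number of mobile-units associated: 23
index   MAC-address       radio type wlan vlan/tunnel  ready  IP-address    last active
  7     00-A0-F8-D4-46-9C  2     11b  4      vlan 22   Y     10.1.206.53   223 Sec
  9     00-1B-77-2A-99-05  30    11a  1      vlan 18   Y     10.1.195.55   7 Sec
  10    00-18-DE-7A-76-D0  30    11a  1      vlan 18   Y     10.1.195.67   16 Sec
"""
RADIO_CONFIGS = {
    30: "Radio: 30, Description: Main Building Lobby, MAC: 00-15-70-11-34-32\n"
        "Radio Type: 11a, AP Type: ap300\n",
}

# One row of "show wireless mobile-unit". Assumption: only "vlan N" entries
# appear in the vlan/tunnel column, as in the listing above.
MU_ROW = re.compile(
    r"^\s*(?P<index>\d+)\s+"
    r"(?P<mac>(?:[0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2})\s+"
    r"(?P<radio>\d+)\s+(?P<type>11\w+)\s+(?P<wlan>\d+)\s+"
    r"vlan\s+(?P<vlan>\d+)\s+(?P<ready>[YN])\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<idle>\d+)\s+Sec\s*$"
)
# First line of "show wireless radio config N".
RADIO_HEADER = re.compile(
    r"^Radio:\s*(?P<radio>\d+),\s*Description:\s*(?P<desc>.*?),\s*MAC:\s*\S+\s*$",
    re.MULTILINE,
)


def normalize_mac(mac):
    """Convert aa:bb:..., aabb.ccdd.eeff or AA-BB-... to the switch's AA-BB-... form."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).upper()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return "-".join(digits[i:i + 2] for i in range(0, 12, 2))


def parse_mobile_units(text):
    """Return one dict per mobile-unit row; header and malformed lines are skipped."""
    units = []
    for line in text.splitlines():
        match = MU_ROW.match(line)
        if not match:
            continue
        row = match.groupdict()
        try:
            row["ip"] = ipaddress.ip_address(row["ip"])
        except ValueError:
            continue  # e.g. an octet above 255 in a damaged capture
        for key in ("index", "radio", "wlan", "vlan", "idle"):
            row[key] = int(row[key])
        row["mac"] = row["mac"].upper()
        units.append(row)
    return units


def find_unit(units, ip=None, mac=None):
    """Exact match on IP or MAC; None if absent, LookupError if ambiguous."""
    if ip is not None:
        want = ipaddress.ip_address(ip)
        hits = [u for u in units if u["ip"] == want]
    elif mac is not None:
        want = normalize_mac(mac)
        hits = [u for u in units if u["mac"] == want]
    else:
        raise ValueError("give ip or mac")
    if len(hits) > 1:
        raise LookupError("more than one mobile unit matches")
    return hits[0] if hits else None


def radio_description(text):
    """Return (radio index, description) from radio config output, or None."""
    match = RADIO_HEADER.search(text)
    return (int(match["radio"]), match["desc"].strip()) if match else None


def locate(mu_text, radio_configs, ip=None, mac=None):
    """Map a client to the description configured on the radio it is associated to."""
    unit = find_unit(parse_mobile_units(mu_text), ip=ip, mac=mac)
    if unit is None:
        return None
    parsed = radio_description(radio_configs.get(unit["radio"], ""))
    location = parsed[1] if parsed and parsed[0] == unit["radio"] else None
    return {"index": unit["index"], "mac": unit["mac"], "ip": str(unit["ip"]),
            "radio": unit["radio"], "type": unit["type"], "location": location}


if __name__ == "__main__":
    print(locate(MU_TABLE, RADIO_CONFIGS, ip="10.1.195.55"))
```

A `location` of `None` means the client was found but no description was available for its radio, which is the case the paragraph above warns about.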

Cheers!

Layer 3 Access Port Adoption
https://blog.michaelfmcnamara.com/2007/11/layer-3-access-port-adoption/
Fri, 23 Nov 2007 15:00:00 +0000

The release of v3.x software for the Motorola WS5100 and v1.x software for the Motorola RFS7000 finally supports the deployment of Layer 3 Access Ports (APs that could be deployed across a Layer 3 network as opposed to those that can only be deployed across a Layer 2 network).

The latest release of firmware for the AP300 will first attempt to locate a wireless switch for adoption via a Layer 2 broadcast request. If it’s unable to locate a wireless switch it will make a DHCP request for an IP address. If the DHCP response does not include option 189 (string) it will make a DNS request to try and locate the wireless switch.

There are two ways the Access Port can locate the Wireless LAN Switch (WS5100/RFS7000) in Layer 3 mode:

  • DHCP Option
  • DNS Query

You can use DHCP and configure option 189 (string) with the IP address of the Motorola Wireless LAN Switch. You should note that you may need to enclose the string in quotation marks depending on your DHCP server software.

You can also create a DNS alias which the AP can use to locate the switch through a DNS query. The default DNS name requested by an AP300 is “Symbol-CAPWAP-Address”.
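The two discovery records described above, rendered for one switch address. This is an added example, not configuration from the original post: it uses ISC dhcpd and BIND zone syntax, and the option name `symbol-switch`, the AP subnet 10.20.30.0/24, the DNS server 10.1.1.53, the zone acme.org and the switch address passed in are all assumptions.

```shell
#!/bin/sh
# Added example. ISC dhcpd and BIND syntax; the option name "symbol-switch",
# the AP subnet 10.20.30.0/24, the DNS server 10.1.1.53 and the zone acme.org
# are assumptions chosen for illustration.

valid_ipv4() {   # four decimal octets, each 0..255
    printf '%s\n' "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

dhcp_stanza() {   # usage: dhcp_stanza SWITCH_IP
    valid_ipv4 "$1" || { echo "bad switch address" >&2; return 1; }
    cat <<EOF
# Option 189 is declared as text so the switch address is sent as a quoted
# string, which is the type the AP300 looks for.
option symbol-switch code 189 = text;
subnet 10.20.30.0 netmask 255.255.255.0 {
    range 10.20.30.50 10.20.30.200;
    option routers 10.20.30.1;
    option domain-name "acme.org";
    option domain-name-servers 10.1.1.53;
    option symbol-switch "$1";
}
EOF
}

dns_record() {    # used by the AP only when option 189 is absent
    valid_ipv4 "$1" || return 1
    printf 'Symbol-CAPWAP-Address.acme.org. 300 IN A %s\n' "$1"
}

# Stand-alone run: print both records for a constructed switch address.
dhcp_stanza 10.1.1.10
dns_record 10.1.1.10
```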

You might also notice that the AP300 will support LLDP (802.1ab) if your Ethernet switch supports it.

Cheers!

Update: August 27, 2008
I should point out that you may need to “prime” the AP300 with the latest firmware by connecting it to a WS5100/RFS7000 over a Layer 2 network. If the AP300 has older firmware it won’t be able to connect over a Layer 3 network, so you may need to connect it over a Layer 2 network first to allow the AP300 to upgrade, after which you’ll be able to connect it over a Layer 2/3 network. The AP300 will automatically upgrade once it connects to the WS5100/RFS7000; there’s nothing that needs to be done by the user or administrator. The WS5100/RFS7000 will need to be running v3.x or v1.x respectively.

Cheers!

Motorola Switch Password Recovery
https://blog.michaelfmcnamara.com/2007/11/motorola-switch-password-recovery/
Thu, 22 Nov 2007 04:00:00 +0000

If for whatever reason you’ve lost the Web UI or “admin” password your only recourse is to factory default the wireless switch.

To access the switch using a password recovery username and password:
1. Connect a terminal (or PC running terminal emulation software) to the serial port on the front of the switch. The switch login screen displays. Use the following CLI command for normal login process:

WS5100 login: cli

2. Enter a password recovery username of “restore” and password recovery password of “restoreDefaultPassword”.

User Access Verification
Username: restore
Password: restoreDefaultPasword
WARNING: This will wipe out the configuration (except license key) and user data under "flash:/" and reboot the device
Do you want to continue? (y/n):y

3. Press Y to delete the current configuration and reset with factory defaults.

Once the switch has completed its reboot you should be able to log in with the default userID of “admin” and the default password of “symbol”. If you had previously backed up the configuration of the switch you could restore your old configuration.

WiFi Hotspot Portal
https://blog.michaelfmcnamara.com/2007/11/wifi-hotspot-portal/
Tue, 20 Nov 2007 01:00:00 +0000

A few years ago I had a request to design a public WiFi hotspot portal for the patients and visitors within our five major facilities. I did a fair amount of research and found a number of interesting commercial and open-source solutions. Unfortunately none of them really filled our requirements or caught my fancy. So I embarked on building/coding our own solution using a wide array of open-source software that was already available. Since I was most familiar with Perl at the time I chose to code the solution using Perl and Javascript (browser side) using Linux as the operating system of choice.

I needed to provide a public WiFi hotspot across our existing corporate wireless infrastructure at our five major sites. It obviously needed to be secure from our internal network, it needed to be 100% automated (there were no resources available to support this offering) and it needed to work (there’s a surprise requirement). We also needed to keep internal (corporate) laptops and wireless devices from connecting to the unencrypted network and circumventing current Internet access policies.

Because of security concerns I decided to only allow HTTP (TCP 80) and HTTPS (TCP 443) traffic from the public wireless network. I also tabled any ideas of content/URL filtering from the original design. Instead we would rely on Blue Coat ProxySG/ProxyAV appliances and Websense to perform content filtering and AV scanning of the traffic in a later upgrade.

How did we do it?
We carved out an ESSID (“public”) from our Motorola Wireless LAN infrastructure at each facility. We set up the wireless network without any encryption or security so as to minimize any end-user difficulties in connecting to the wireless network. We took CentOS and built a WiFi portal server/gateway/firewall/router using an HP ProLiant DL360. We essentially turned our Linux server into a cheap and very efficient firewall/gateway for the WiFi Hotspot. We connected one NIC of the Linux server to the wireless WLAN and the other to our internal network. This allowed us to use the Linux server to provide IP addresses to the wireless devices through DHCP. It also allowed us to have the Linux server provide DNS for name resolution. And most importantly it allowed us to use iptables to provide firewalling between the wireless network and our internal network. This solution also allowed us to implement bandwidth shaping/throttling to prevent the public WiFi Hotspot wireless users from utilizing too much of our Internet link (DS-3 ~ 45Mbps).

Once a device associates with the wireless network the Linux portal server will issue the device a DHCP address from the 192.168.16.0/20 network. When the user opens their web browser they will be redirected to the Linux portal web server and the registration page.

Once the user clicks on the “I AGREE” button the Linux server will kick off the “register.pl” script to check the IP/MAC address and decide if they should be granted access. If they are granted access they will be redirected to our Internet homepage after which they’ll be free to surf to any URL. If the user is denied access they will be directed to an error page.

It is also possible that the user may attempt to register multiple times due to their web browser caching the portal page contents as the contents of a legitimate Internet website. Example: A user opens their web browser to www.cnn.com and is greeted with the portal page. The user registers and is then redirected to www.acme.org. The user then types www.cnn.com back into the browser address bar, but instead of getting the legitimate content for the CNN website the user is greeted again by the portal page. The user, not knowing any better, clicks the “I AGREE” button for the second time in as many minutes. Previously this problem would have gone on over and over; now the system will detect that the user is already registered and will throw an error alerting the user to “refresh” their web browser. In order to refresh the browser the user should just type in the URL of the website they are attempting to visit and click “Go” (or hit “enter”). If they are greeted with the portal page they should click the “refresh” button from the browser button bar. That will instruct the web browser to ignore any cached content and attempt to retrieve all the data direct from the source website.

Every night at midnight the firewall rules will be reset to the defaults, requiring anyone who wishes to access the WiFi Hotspot to agree to the AUP again. This is done to prevent folks from continually sitting/camping on the WiFi Hotspot.
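The firewall side of the design described above, as an added example that is not the author's own scripts: a default ruleset that allows only TCP 80/443 out and blocks the internal network, plus the registration decision (blacklist check, repeat detection, input validation). The interface names, the 10.0.0.0/8 internal range, the blacklist path and the chain name `registered` are assumptions.

```shell
#!/bin/sh
# Added example, not the author's scripts. Assumed values: eth1 = public WLAN,
# eth0 = internal side, 10.0.0.0/8 = internal networks,
# /etc/portal/blacklist = corporate MAC list, one MAC per line.
WLAN_IF=eth1; LAN_IF=eth0; INTERNAL_NET=10.0.0.0/8
BLACKLIST=${BLACKLIST:-/etc/portal/blacklist}

# Default ruleset in iptables-restore format. Reloading it from cron at 00:00
# empties both "registered" chains, which is the nightly reset.
default_rules() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:registered - [0:0]
-A PREROUTING -i $WLAN_IF -j registered
-A PREROUTING -i $WLAN_IF -p tcp --dport 80 -j REDIRECT --to-ports 80
-A POSTROUTING -o $LAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:registered - [0:0]
-A INPUT -i $WLAN_IF -p udp -m multiport --dports 53,67 -j ACCEPT
-A INPUT -i $WLAN_IF -p tcp --dport 80 -j ACCEPT
-A INPUT -i $WLAN_IF -j DROP
-A FORWARD -i $WLAN_IF -d $INTERNAL_NET -j DROP
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $WLAN_IF -o $LAN_IF -p tcp -m multiport --dports 80,443 -j registered
COMMIT
EOF
}

# Decide one registration: refuse blacklisted (corporate) MACs, flag repeats,
# otherwise print the two commands that open access for this client.
register_client() {   # usage: register_client IP MAC [iptables-save output file]
    ip=$1; mac=$(printf '%s' "$2" | tr 'a-f' 'A-F'); current=${3:-/dev/null}
    # Both values end up in a root command line, so validate them strictly.
    case "$ip$mac" in *[!0-9A-F:.]*) echo "ERROR bad-input"; return 2;; esac
    printf '%s %s\n' "$ip" "$mac" | grep -Eq \
        '^192\.168\.(1[6-9]|2[0-9]|3[01])\.[0-9]{1,3} ([0-9A-F]{2}:){5}[0-9A-F]{2}$' \
        || { echo "ERROR bad-input"; return 2; }
    if grep -iqx "$mac" "$BLACKLIST" 2>/dev/null; then echo "DENY blacklisted"; return 1; fi
    if grep -iq -- "--mac-source $mac " "$current"; then echo "ERROR already-registered"; return 3; fi
    for table in nat filter; do
        echo "iptables -t $table -A registered -s $ip -m mac --mac-source $mac -j ACCEPT"
    done
}
```

Registered clients skip the port 80 redirect because an ACCEPT in the nat `registered` chain ends PREROUTING traversal; unregistered HTTPS traffic simply falls through to the FORWARD policy of DROP.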

Initially I thought we might be able to use a VPN or GRE tunnel to connect the five public WLANs to a single Linux server. Unfortunately I was a little ahead of the times and VPN/GRE tunnels were just starting to be supported in the various wireless switches (Motorola in this case). So I decided to take an easier approach and installed five HP ProLiant DL360 servers, one for each site.

I’m very happy to report that the solution works very well and virtually supports itself.

The only issue that we’ve seen is the need to continually update the blacklist file to keep corporate wireless devices from connecting to the public network. Thankfully I’ve written a small Bash Shell script to help with that process.

I hope to write a more detailed account of how to set this up on my website sometime in the future. If you’re interested in hearing more or have questions please drop me a line.

Cheers!

802.11 Disassociation Codes
https://blog.michaelfmcnamara.com/2007/11/80211-dissassociation-codes/
Thu, 08 Nov 2007 00:30:00 +0000

These codes can be extremely useful in troubleshooting wireless issues.

| Value | 802.11 or Symbol/WPA Reason Code | Description |
| --- | --- | --- |
| 0 | REASON_CODE_80211_SUCCESS | Reserved internally to indicate success |
| 1 | REASON_CODE_80211_UNSPECIFIED_ERROR | Unspecified Reason |
| 3 | DISASSOCIATION_REASON_CODE_STATION_LEAVING_ESS | Deauthenticated because sending station has left or is leaving IBSS or ESS |
| 4 | DISASSOCIATION_REASON_CODE_INACTIVITY | Disassociated due to inactivity |
| 5 | DISASSOCIATION_REASON_CODE_STATION_LIMIT_EXCEEDED | Disassociated because AP is unable to handle all currently associated stations |
| 6 | DISASSOCIATION_REASON_CODE_CLASS_2_PKT_FROM_NON_AUTH | Class 2 frame received from non-authenticated station |
| 7 | DISASSOCIATION_REASON_CODE_CLASS_3_PKT_FROM_NON_ASSOC | Class 3 frame received from non-associated station |
| 8 | DISASSOCIATION_REASON_CODE_STATION_LEAVING_BSS | Disassociated because sending station has left or is leaving BSS |
| 9 | DISASSOCIATION_REASON_CODE_STATION_NOT_AUTHENTICATED | Station requesting re-association is not authenticated with responding station |
| 13 | DISASSOCIATION_REASON_CODE_INVALID_INFORMATION_ELEMENT | Invalid Information Element |
| 14 | DISASSOCIATION_REASON_CODE_MIC_FAILURE | Michael MIC failure |
| 15 | DISASSOCIATION_REASON_CODE_4WAY_HANDSHAKE_TIMEOUT | 4-Way Handshake timeout |
| 16 | DISASSOCIATION_REASON_CODE_GROUP_KEY_UPDATE_TIMEOUT | Group key update timeout |
| 17 | DISASSOCIATION_REASON_CODE_4WAY_IE_DIFFERENCE | Information element in 4-Way Handshake different from Re-association Request/Probe Response/Beacon |
| 18 | DISASSOCIATION_REASON_CODE_MULTICAST_CIPHER_INVALID | Multicast Cipher is not valid |
| 19 | DISASSOCIATION_REASON_CODE_UNICAST_CIPHER_INVALID | Unicast Cipher is not valid |
| 20 | DISASSOCIATION_REASON_CODE_AKMP_NOT_VALID | AKMP is not valid |
| 21 | DISASSOCIATION_REASON_CODE_UNSUPPORTED_RSNE_VERSION | Unsupported RSN IE version |
| 22 | DISASSOCIATION_REASON_CODE_INVALID_RSNE_CAPABILITIES | Invalid RSN IE Capabilities |
| 23 | DISASSOCIATION_REASON_CODE_8021X_AUTHENTICATION_FAILED | IEEE 802.1X Authentication failed |
| 44 | DISASSOCIATION_REASON_CODE_PSP_TX_PKT_BUFFER_EXCEEDED | Symbol defined (non 802.11 standard) code. The Wireless Switch has exceeded its time limit in attempting to deliver buffered PSP frames to the Mobile Unit without receiving a single 802.11 PS Poll or NULL data frame. The Wireless Switch begins the timer when it sets the Mobile Unit’s bit in the TIM section of the 802.11 beacon frame for the BSS. The time limit is at least 15 seconds. The Mobile Unit is probably gone (or may be faulty). |
| 77 | DISASSOCIATION_REASON_CODE_TRANSMIT_RETRIES_EXCEEDED | Symbol defined (non 802.11 standard) code. The Wireless Switch has exceeded its retry limit in attempting to deliver an 802.1x EAP message to the Mobile Unit without receiving a single 802.11 ACK. The retry limit varies according to traffic type but is at least 64 times. The Mobile Unit is either gone or has incorrect 802.1x EAP authentication settings. |
